He has some valid criticisms of iMessage - it is nowhere as secure as Apple makes it out to be. But WhatsApp collects all of your metadata and shares it with Meta, so it's hardly better. I strongly suggest using Signal -- it's cross-platform and open-source, has been independently audited, and collects virtually no metadata.
iMessage has many problems:
The problems with iMessage are in two areas: the protocol itself, and everything else.
The iMessage encryption protocol isn't well designed:
- The iMessage protocol doesn't have forward secrecy (https://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html) -- that means it reuses the same encryption key indefinitely. That makes it much more susceptible to compromise. The Signal protocol has forward secrecy and changes the encryption key on each message.
- Following the 2016 revelations, Apple updated the iMessage protocol, using a custom signcryption scheme (see https://par.nsf.gov/servlets/purl/10200009). That paper found that the iMessage protocol is theoretically sound but makes suspect parameter choices: it uses only 88 bits of entropy per-message, and the per-message authentication tag is only 40 bits; both values are too small. Ultimately, the authors claim that Apple made unusual design choices in iMessage and questioned why Apple didn't use a more standardized, well-studied approach. There is speculation that backwards compatibility drove Apple's design process.
- iMessage does not allow participants to verify one another’s identities and their shared encryption key. The system requires devices to implicitly trust Apple’s servers to distribute user’s public keys. In Signal, you can scan a QR code to verify the encryption key; this prevents man in the middle attacks. See this for more info https://blog.cryptographyengineering.com/2015/09/09/lets-talk-about-imessage-again/
- A 2014 analysis of iMessage found that traffic analysis can reveal the Operating System (100% accuracy), type of user action message (96% accuracy), text language (98% accuracy), and plaintext message length (to within 6 characters). https://arxiv.org/pdf/1403.1906.pdf.
In terms of "everything else" -- Apple has access to a lot of iMessage metadata, and in many cases to your chats (via iCloud backups):
The encryption point is largely semantic. Yes, users can tether their iPhone to a computer, launch iTunes (Windows) or Finder (Mac), and backup.
But almost no regular user is doing that, and it also requires the user to disable Messages back up from the iCloud settings on the device.
As a general point, Facebook’s claims hold water on this one. People want cloud backups, not to mess about with cables and computers. WhatsApp offers e2e encrypted cloud backup, iMessage doesn’t.
For marketing purposes, it’s all good. Now it’s over to Apple to implement e2e encryption for cloud backups.
iMessage is too limited and WhatsApp belongs to Meta, I think neither is really a good choice. I prefer Signal, since it is available on iOS and Android and it is reasonable secure.
The encryption point is largely semantic. Yes, users can tether their iPhone to a computer, launch iTunes (Windows) or Finder (Mac), and backup.
But almost no regular user is doing that, and it also requires the user to disable Messages back up from the iCloud settings on the device.
As a general point, Facebook’s claims hold water on this one. People want cloud backups, not to mess about with cables and computers. WhatsApp offers e2e encrypted cloud backup, iMessage doesn’t.
For marketing purposes, it’s all good. Now it’s over to Apple to implement e2e encryption for cloud backups.
But Messages in iCloud is end-to-end encrypted. You don’t have to back up to a computer. I’ve had it turned on ever since it came out years ago, so I’m not sure if it’s the default, but otherwise it’s a simple toggle in Settings.
I agree that iCloud Backup should be E2E encrypted though.
Possibly in USA (& Canada?), probably not anywhere else. In France at least I think that Facebook (i.e., WhatsApp & Messenger) has the lead, and by a large margin.
Comments
iMessage has many problems:
https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_garman.pdf
. While the attack is difficult to execute, it should never be possible.I agree that iCloud Backup should be E2E encrypted though.
In France at least I think that Facebook (i.e., WhatsApp & Messenger) has the lead, and by a large margin.